This page is a regression test for crbug/1055360.

• Setup:
• This top-level document has a CSP policy that sets img-src to 'self'
• The cross-origin iframe creates a payment request that triggers JIT crawling of the payment method manifest hosted at kylepay.test.
• Test: if Chrome handles CSP policy correctly, request.canMakePayment() should return true as the payment method manifest crawl is successful.